CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3305 – C-DATA Web Management System User Creation access control
https://notcve.org/view.php?id=CVE-2023-3305
A vulnerability was found in C-DATA Web Management System up to 20230607. It has been classified as critical. This affects an unknown part of the file /cgi-bin/jumpto.php?class=user&page=config_save&isphp=1 of the component User Creation Handler. The manipulation of the argument user/newpassword leads to improper access controls. • https://github.com/sleepyvv/vul_report/blob/main/C-data/BrokenAccessControl.md https://vuldb.com/?ctiid.231801 https://vuldb.com/?id.231801 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4257 – C-DATA Web Management System GET Parameter jumpto.php argument injection
https://notcve.org/view.php?id=CVE-2022-4257
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be initiated remotely. • https://github.com/siriuswhiter/VulnHub/blob/main/C-Data/rce1.md https://vuldb.com/?id.214631 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-707: Improper Neutralization •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2022-29337
https://notcve.org/view.php?id=CVE-2022-29337
C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request. Se ha detectado que C-DATA FD702XW-X-R430 versión v2.1.13_X00, contiene una vulnerabilidad de inyección de comandos por medio del parámetro va_cmd en formlanipv6. Esta vulnerabilidad permite a atacantes ejecutar comandos arbitrarios por medio de una petición HTTP diseñada • https://github.com/exploitwritter/CVE-2022-29337 https://east-trowel-102.notion.site/CVE-2022-XXXX-OS-CommandInjection-formlanipv6-043ddebec5a1456b92991048617c04e8 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 140EXPL: 1CVE-2020-29054
https://notcve.org/view.php?id=CVE-2020-29054
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. Attackers can use "show system infor" to discover cleartext TELNET credentials. Se detectó un problema en Dispositivos CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD20D1104SN, FD1104S, FD20D1104SN, R220D1104SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN y FD8000. Los atacantes pueden usar "show system infor" para detectar credenciales TELNET en texto sin cifrar • https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.9EPSS: 0%CPEs: 140EXPL: 1CVE-2020-29055
https://notcve.org/view.php?id=CVE-2020-29055
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. By default, the appliance can be managed remotely only with HTTP, telnet, and SNMP. It doesn't support SSL/TLS for HTTP or SSH. An attacker can intercept passwords sent in cleartext and conduct man-in-the-middle attacks on the management of the appliance. Se detectó un problema en Dispositivos CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD20D1104SN, FD1104S, FD20D1104SN, R220D1104SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN y FD8000. • https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html • CWE-319: Cleartext Transmission of Sensitive Information •